View Issue Details

IDProjectCategoryView StatusLast Update
0007619GNUnetutil librarypublic2023-06-01 20:26
Reporterulfvonbelow Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.19.4Fixed in Version0.19.4 
Summary0007619: Memory leaks in util
DescriptionIn GNUNET_CRYPTO_eddsa_private_key_derive, GNUNET_CRYPTO_hash_file_cancel, GNUNET_CRYPTO_hash_file, and the checkvec and check_vectors functions in gnunet-crypto-tvg. See attached patch for details.
Steps To Reproduce./configure --enable-sanitizer
make
make install
make check
Additional InformationPatch attached.
Tagsbug, memory-leak, patch
Attached Files
0001-UTIL-fix-memory-leaks-in-several-places.patch (4,550 bytes)   
From 80c414ec8768cc4a15f0a8689e689af98d90ae21 Mon Sep 17 00:00:00 2001
From: ulfvonbelow <strilen@tilde.club>
Date: Sat, 28 Jan 2023 16:43:51 -0600
Subject: [PATCH] UTIL: fix memory leaks in several places.

Namely, in:
- GNUNET_CRYPTO_eddsa_private_key_derive
- GNUNET_CRYPTO_hash_file_cancel
- GNUNET_CRYPTO_hash_file
- checkvec and check_vectors in gnunet-crypto-tvg
---
 src/util/crypto_ecc_gnsrecord.c |  2 ++
 src/util/crypto_hash_file.c     |  2 ++
 src/util/gnunet-crypto-tvg.c    | 27 +++++++++++++++++----------
 3 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/src/util/crypto_ecc_gnsrecord.c b/src/util/crypto_ecc_gnsrecord.c
index b902e0e0a..fc99bfc18 100644
--- a/src/util/crypto_ecc_gnsrecord.c
+++ b/src/util/crypto_ecc_gnsrecord.c
@@ -361,7 +361,9 @@ GNUNET_CRYPTO_eddsa_private_key_derive (
   gcry_mpi_release (h);
   gcry_mpi_release (x);
   gcry_mpi_release (n);
+  gcry_mpi_release (h_mod_n);
   gcry_mpi_release (a1);
+  gcry_mpi_release (eight);
   gcry_mpi_release (a2);
   gcry_ctx_release (ctx);
   GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d);
diff --git a/src/util/crypto_hash_file.c b/src/util/crypto_hash_file.c
index 7300bab29..96d364d2b 100644
--- a/src/util/crypto_hash_file.c
+++ b/src/util/crypto_hash_file.c
@@ -184,6 +184,7 @@ GNUNET_CRYPTO_hash_file (enum GNUNET_SCHEDULER_Priority priority,
   if (GPG_ERR_NO_ERROR != gcry_md_open (&fhc->md, GCRY_MD_SHA512, 0))
   {
     GNUNET_break (0);
+    GNUNET_free (fhc->filename);
     GNUNET_free (fhc);
     return NULL;
   }
@@ -227,6 +228,7 @@ GNUNET_CRYPTO_hash_file_cancel (struct GNUNET_CRYPTO_FileHashContext *fhc)
   GNUNET_free (fhc->filename);
   GNUNET_break (GNUNET_OK ==
                 GNUNET_DISK_file_close (fhc->fh));
+  gcry_md_close (fhc->md);
   GNUNET_free (fhc);
 }
 
diff --git a/src/util/gnunet-crypto-tvg.c b/src/util/gnunet-crypto-tvg.c
index 4655407f0..5a16bb8fc 100644
--- a/src/util/gnunet-crypto-tvg.c
+++ b/src/util/gnunet-crypto-tvg.c
@@ -637,11 +637,12 @@ checkvec (const char *operation,
                                                             blinded_len)) )
     {
       GNUNET_free (blinded_data);
+      GNUNET_free (blinded_data_comp);
       GNUNET_free (public_enc_data);
       GNUNET_free (secret_enc_data);
       GNUNET_free (sig_enc_data);
-      GNUNET_free (skey);
-      GNUNET_free (pkey);
+      GNUNET_CRYPTO_rsa_private_key_free (skey);
+      GNUNET_CRYPTO_rsa_public_key_free (pkey);
       GNUNET_break (0);
       return GNUNET_NO;
     }
@@ -650,6 +651,7 @@ checkvec (const char *operation,
     sig = GNUNET_CRYPTO_rsa_unblind (blinded_sig, &bks, pkey);
     GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_rsa_verify (&message_hash, sig,
                                                            pkey));
+    GNUNET_free(public_enc_data);
     public_enc_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
                                                           &public_enc_data);
     sig_enc_length_comp = GNUNET_CRYPTO_rsa_signature_encode (sig,
@@ -658,25 +660,29 @@ checkvec (const char *operation,
     if ( (sig_enc_length != sig_enc_length_comp) ||
          (0 != memcmp (sig_enc_data, sig_enc_data_comp, sig_enc_length) ))
     {
-      GNUNET_free (blinded_sig);
+      GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
       GNUNET_free (blinded_data);
+      GNUNET_free (blinded_data_comp);
       GNUNET_free (public_enc_data);
       GNUNET_free (secret_enc_data);
       GNUNET_free (sig_enc_data);
-      GNUNET_free (skey);
-      GNUNET_free (sig);
-      GNUNET_free (pkey);
+      GNUNET_free (sig_enc_data_comp);
+      GNUNET_CRYPTO_rsa_private_key_free (skey);
+      GNUNET_CRYPTO_rsa_signature_free (sig);
+      GNUNET_CRYPTO_rsa_public_key_free (pkey);
       GNUNET_break (0);
       return GNUNET_NO;
     }
-    GNUNET_free (blinded_sig);
+    GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
     GNUNET_free (blinded_data);
+    GNUNET_free (blinded_data_comp);
     GNUNET_free (public_enc_data);
     GNUNET_free (secret_enc_data);
     GNUNET_free (sig_enc_data);
-    GNUNET_free (sig);
-    GNUNET_free (pkey);
-    GNUNET_free (skey);
+    GNUNET_free (sig_enc_data_comp);
+    GNUNET_CRYPTO_rsa_signature_free (sig);
+    GNUNET_CRYPTO_rsa_public_key_free (pkey);
+    GNUNET_CRYPTO_rsa_private_key_free (skey);
   }
   else if (0 == strcmp (operation, "cs_blind_signing"))
   {
@@ -1009,6 +1015,7 @@ check_vectors ()
         break;
       }
     }
+    json_decref (vecfile);
     return (ret == GNUNET_OK) ? 0 : 1;
   }
 }
-- 
2.38.1

Activities

schanzen

2023-02-06 05:30

administrator   ~0019758

Thank you very much.
1505f2f06b2d7f260811efee6597f725e4595e6c

schanzen

2023-06-01 20:26

administrator   ~0020246

released some time ago

Issue History

Date Modified Username Field Change
2023-01-29 21:17 ulfvonbelow New Issue
2023-01-29 21:17 ulfvonbelow Tag Attached: bug
2023-01-29 21:17 ulfvonbelow Tag Attached: memory-leak
2023-01-29 21:17 ulfvonbelow Tag Attached: patch
2023-01-29 21:17 ulfvonbelow File Added: 0001-UTIL-fix-memory-leaks-in-several-places.patch
2023-02-06 05:30 schanzen Assigned To => schanzen
2023-02-06 05:30 schanzen Status new => resolved
2023-02-06 05:30 schanzen Resolution open => fixed
2023-02-06 05:30 schanzen Fixed in Version => 0.19.4
2023-02-06 05:30 schanzen Note Added: 0019758
2023-02-06 05:46 schanzen Target Version => 0.19.4
2023-06-01 20:26 schanzen Note Added: 0020246
2023-06-01 20:26 schanzen Status resolved => closed